Skip to content

Don't double check for FIPS during maven package upload

From: gitlab-org/build/CNG#1838 (comment 1703867427)

🔥 Problem

When we upload a maven package to the Maven Repository, we have some checks to make sure that we are not in FIPS environment:

  1. Right before the endpoint logic.
  2. In the extract format function.

I think that the problem is already visible: the check conditions are not the same. 😸

🚒 Solution

For the upload endpoint, (2.) is not so useful and should not be executed.

However, this helper function is a shared function and other parts will need this FIPS check.

Solution: make the FIPS check optional (enabled by default) and disable it when calling the function from the upload endpoint.